With its Version Management, iThemes Security Pro has four areas for admins: WordPress Updates (core files), Plugin Updates, Theme Updates, and Protection.

Leveraging iThemes Security Pro for Version Management for Your WordPress Plugins & Themes

What are the Differences Between the iThemes Security Pro Paid Plugin & iThemes Security Free Plugin Versions?

The iThemes Security Pro paid plugin version includes all the iThemes Security free plugin version features, but the paid plugin version also has the following features: Security Dashboard, Two-Factor Authentication, Trusted Devices, reCAPTCHA, Version Management, User Security Check and User Logging, Settings Import and Export, Privilege Escalation, Passwordless Login, Malware Scan Scheduling, and Magic Links.

How Do You Use the iThemes Security Free Plugin or the iThemes Security Pro Paid Plugin?

Download and install the plugin. Then activate it. After activation, you will see a new Security option in the panel on the left. Select the Security option to run the initial security check on your site. During the security check, the plugin will enable various modules to protect your site. Click the Secure Site button to start this process.

About the Frequency of WordPress Updates

WordPress is one of the most popular Content Management Systems (CMSs) currently. However, it is not perfect, and it is continuously being further developed and improved. WordPress should be regularly updated to ensure optimal functionality and performance. WordPress updates can be time-consuming — and problematic if not done promptly. So, to answer the important question — how frequently should all things WordPress be updated? As often as needed! 

WordPress Core Updates

WordPress core files make up the base of your site’s code. These files can be downloaded from the WordPress Repository, and they are already included in all the Managed WordPress and Managed WooCommerce plans offered by Nexcess. An example of the WordPress core filesystem is shown below:

WordPress core updates usually patch security issues with WordPress sites. Failing to update the WordPress core will leave your site vulnerable to various malicious attacks. 

WordPress Themes Updates

WordPress themes contain visual customizations for your site and, as such, can be tricky to update. The best practice, in this case, would be to use a child theme when customizing your site. That way, WordPress theme updates will not affect your site, and you will not need to make as many changes to it. 

Current WordPress themes are more complicated and time-consuming when it comes to updating them. Due to all the features they contain, they are prone to breaking the site’s functionalities if not updated often. Depending on your theme, theme updates might be available in the WordPress dashboard directly. If you’re using a custom theme, you might need to download its new version from the developer and upload the new files via FTP or SSH. 

WordPress Plugins Updates

Plugins offer a wide variety of functionalities you can add to your website. To function correctly, they will need to be compatible with each other, and the theme you are using on your website. Different plugins have different vendors, and just as theme updates, some of them will be available in the WordPress dashboard. In contrast, others will need to be updated by manually uploading new files. As with WordPress core files and themes, you will need to update plugins accordingly to have a fully functional and secure site.  

How to Update WordPress Components?

First, as every little update has the great potential to break things, the most important thing you will need to do is to make a backup of the site. The backup can be created using a plugin in the Nexcess Portal or manually by copying the whole site to your local machine. Once you are confident you have a backup of the working site, you can use the WordPress dashboard to update your plugins, themes, or core files:

We have quite a few updates to make in this particular case, including three plugin updates, four theme updates, and a core update from WordPress version 5.8.3 to 5.9. The best way to do these updates would be to go one by one. Complete one update, confirm everything is still functioning, complete another one and recheck again. As you can see, making sure your site is up to date can be quite time-consuming. 

Lucky for us, there are a couple of ways to automate WordPress updates:

• Using the WordPress CLI

• Through the Nexcess Portal

• Using the default WordPress built-in feature

• Using the iThemes Sync Pro plugin

• Using the iThemes Security Pro plugin

iThemes Security Pro: Managing Automatic Updates

iThemes Security Pro is primarily a security plugin for WordPress, which has many built-in features and intelligent defaults to help secure your site. 

Note: iThemes Security Pro 7.0 requires WordPress 5.7 and PHP 7.0 or later.

Among other security features, iThemes Security Pro also allows you to set up automatic updates for various sections of your website. The first thing it will show in the dashboard is a summary of updates needed unless they were initially configured for automatic updates:

When you get to its Version Management section, you’ll see four main sections:

• WordPress Updates (if selected, it will automatically install the newest versions of core files once available)

• Plugin Updates

• Theme Updates

• Protection

The Plugin Updates section will allow you to select which plugins you’d like updated immediately when available, which you’d like to skip updates entirely, and for which you’d like to set a delay for updates in case they’re not entirely stable or compatible with other versions of software on the site:

Theme update will also allow you to select which themes you’d like to update immediately, which you’d like not to update entirely, and which you’d like to update with a delay:

For most Managed WordPress or Managed WooCommerce plans, the site you’re working on will be the only site in existence. Therefore “Scan for Old WordPress Sites” will apply only to the site you’re working on. 

However, if the site you’re working on is a part of the Flexible Cloud Plan or any other hosting plan, you’ll probably have other sites using the same Unix user. In that case, “Scan for Old WordPress Sites” will be useful to check other sites sharing your site’s resources. This way, you’ll be able to ensure they’re up to date and not a vulnerability. 

If you haven’t created a backup or the update you performed broke the site, our Support Team will be happy to help in any way possible. Sometimes, the quickest way to fix an issue would be to restore a site from a backup or roll back the change made. That’s the main reason working backups are crucial to have on hand. 

Consider Hosting with Nexcess

Try the best-in-industry hosting! Check out our Fully Managed WordPress Plans!

Any contact form plugin will be of no use to your WordPress site if it is not hosted with a decent hosting company. Here at Nexcess, we provide the best WordPress and WooCommerce hosting, fully optimized for speed and performance. 

Explore your Trial WordPress Plan now!

On top of that, we offer automatic WordPress core and plugin updates, free SSL certificates, and an unsurpassed support team. Additionally, 30-day backups included in every plan will ensure the safety and integrity of your data.

Hosting optimized for the industry's leading platforms, including Managed WordPress Hosting, Managed WooCommerce Hosting, and Managed Magento Hosting:

Build Better Sites and Stores With Fully Managed Hosting from Nexcess 

Faster Speeds, Stronger Security, Inherent Scalability and Trusted Support.

Our range of hosting plans caters to any business scale. We do all the heavy lifting for you to focus on growing your business. In addition, we automatically update ore components and plugins to the latest version and ensure your hosting environment is properly optimized, secured, and updated.

Nexcess infrastructure was specially designed to keep up the best speed and performance in the industry. No traffic surge can threaten your website to go down thanks to our autoscaling technology which adds more resources to your server to handle the load. In addition, we offer always-on security monitoring and support from web hosting experts 24/7/365 and a built-in CDN with 22 locations and advanced caching for ultra-fast loading.

All hosting plans include The Nexcess 30-Day Web Hosting Money Back Guarantee.

Need a No-Code Website Building Solution? 

Are you on an accelerated schedule and already ready to move forward? If you need to get started with your Nexcess StoreBuilder Solution sooner rather than later, check out these resources:

• StoreBuilder Solution & Pricing 
• Contact Sales via Chat  
• Explore All Products

Next Steps with a Nexcess Cloud Hosting Solution?

Read more about the Fully Managed Cloud Environment by Nexcess and its benefits for your business.

A Cloud Hosting Solution That Lets You Do Business Your Way 

We believe in the promise of cloud: scalability, security, performance, and ease of use. Together with our team, clients, and partners, we’ve built something better.

Choose From Multiple Applications 

Whether you’re a small business or a high-traffic eCommerce store, our cloud hosting solutions are designed around your needs: auto scaling, PCI compliance, and comprehensive development tools provide you with maximum dynamic flexibility in a fully managed cloud environment.

We make applications easy with environment optimizations for:

• Magento
• WooCommerce
• WordPress
• Drupal
• ExpressionEngine
• Craft CMS
• OroCRM

And there are many more!

We also have a variety of Nexcess support articles about how best to implement our product offerings housed in the Nexcess Knowledge Base, including how to get your site going with a number of different configuration options. These resources include a great article on setting this up for Migrating to Nexcess with managed WordPress and managed WooCommerce hosting. 

24-Hour Assistance

If you need any assistance with the above-mentioned, don't hesitate to reach out. For 24-hour assistance any day of the year, Nexcess customers can contact our Support Team by email or through your Client Portal.

Why Choose Nexcess?

Because we're different! Chris Lema captures "the why" in his passionate and stirring recount of a Nexcess support-related story.

Useful YouTube > Nexcess Channel Links

• Nexcess on YouTube - Home 
• Nexcess on YouTube - Welcome to Your Nexcess Portal 
• Nexcess on YouTube - Featured Videos
• Nexcess on YouTube - All Videos 
• Nexcess on YouTube - All Playlists

Resources for More Information

Need more help? The Applications, WooCommerce, and WordPress sections within the Nexcess Knowledge Base are important resources for those seeking additional knowledge. 

The Applications section also contains valuable insights for those seeking additional knowledge about our other various hosted applications and platforms. Check out our related video playlists and articles below:

• Managed WordPress by Nexcess - Video Playlist
• Managed WooCommerce by Nexcess - Video Playlist 
• Managed Magento by Nexcess - Video Playlist 

New Customers: Fully Managed Hosting Solutions

Not a Nexcess customer yet? Check out our fully managed hosting solutions. The option to chat with an expert is also available.

Related Articles

• How to Enable Auto-Updates for Plugins and Themes (via the user interface)
• Nexcess WordPress Plugins and Their Configurations
• How to Deactivate all Plugins and Change the Active Theme Using phpMyAdmin
  
• How to Update Plugins on your WordPress Site
• Updating WordPress Plugins Individually for Admins
  
• How to Disable WordPress Core Updates